Automating Syslog Configuration on ESXi Hosts with PowerCLI
ESXi hosts generate a lot of log data that can be used for troubleshooting and analysis. To centralize log management, VMware provides the Syslog service, which allows ESXi hosts to send their log data to a central Syslog server. In this blog post, we will show you how to automate the configuration of the Syslog service on ESXi hosts using PowerCLI.
<#
Author: Kabir Ali - info@kablog.nl
Scriptname: Configure Syslog on ESXi (CSoE)
Version: 1.0 (Tested)
Date: March 9 2023
Why: ESXi hosts should point to the new syslog server. This script will remove the old syslog server and will point the ESXi hosts to the new syslog server.
Version updates:
1.0 - Mar/09/2023 - First version
#>
<#
Example:
.\CSoE.ps1 -vCenter "vCenter@local.domain" -Cluster "Production" -Syslog_server "udp://vrli.local.domain:514"
#>
Param (
[Parameter(Mandatory = $true)][string]$vCenter,
[Parameter(Mandatory = $true)][string]$Cluster,
[Parameter(Mandatory = $true)][string]$Syslog_server
)
# Bypass SSL certificate verification
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
# Connect vCenter
try {
Connect-VIServer -Server $vCenter -ErrorAction Stop
}
Catch {
Write-Warning -Message "Error: Failed to connect to the source vCenter. Stopping script."
Break
}
# Check if cluster is correct
if (get-cluster -name $Cluster -Server $vCenter) {
}
else {
Write-Warning -Message "Error: Couldn't find cluster: $($Cluster). Is the cluster name correct?"
Break
}
# Get all the hosts that are in the cluster
$all_hosts = get-cluster -name $Cluster -Server $vCenter | Get-VMHost
# Loop through hosts and enable syslog
foreach ($esxhost in $all_hosts) {
# Stop syslog server on the host
Get-VMHost -name $esxhost | Get-VMHostService | Where-Object {$_.Key -eq "vmsyslogd" } | Stop-VMHostService -Confirm:$false
# Set FW rule
Get-VMHostFirewallException -VMHost $esxhost | where {$_.Name -eq "syslog"} | Set-VMHostFirewallException -Enabled:$true
# Setup syslog server
# Remove current syslog server
Get-VMHost -Name $esxhost | Get-AdvancedSetting -name "Syslog.global.LogHost" | Remove-AdvancedSetting -Confirm:$false
# Set new syslog server
Get-VMHost -Name $esxhost | Get-AdvancedSetting -name "Syslog.global.LogHost" | Set-AdvancedSetting -Value $Syslog_server -Confirm:$false
# Start syslog server
Get-VMHost -name $esxhost | Get-VMHostService | Where-Object {$_.Key -eq "vmsyslogd" } | Start-VMHostService -Confirm:$false
}
# Disconnect vCenter
Disconnect-VIServer -Server * -Confirm:$false
Conclusion:
Automating the configuration of the Syslog service on ESXi hosts using PowerCLI can save you a lot of time and effort. With this script, you can quickly configure the Syslog service on multiple ESXi hosts without manually logging in to each host. You can also modify the script to fit your specific needs, such as configuring the Syslog or changing the Syslog server settings.